def reapply_cors(request, response):
"""Reapply cors headers to the new response with regards to the request.
We need to re-apply the CORS checks done by Cornice, in case we're
recreating the response from scratch.
"""
service = request.current_service
if service:
request.info['cors_checked'] = False
cors.apply_cors_post_request(service, request, response)
response = cors.ensure_origin(service, request, response)
else:
# No existing service is concerned, and Cornice is not implied.
origin = request.headers.get('Origin')
if origin:
settings = request.registry.settings
allowed_origins = set(aslist(settings['cors_origins']))
required_origins = {'*', decode_header(origin)}
if allowed_origins.intersection(required_origins):
origin = encode_header(origin)
response.headers['Access-Control-Allow-Origin'] = origin
# Import service here because kinto.core import utils
from kinto.core import Service
if Service.default_cors_headers:
headers = ','.join(Service.default_cors_headers)
response.headers['Access-Control-Expose-Headers'] = headers
return response
def reapply_cors(request, response):
"""Reapply cors headers to the new response with regards to the request.
We need to re-apply the CORS checks done by Cornice, in case we're
recreating the response from scratch.
"""
service = request.current_service
if service:
request.info["cors_checked"] = False
cors.apply_cors_post_request(service, request, response)
response = cors.ensure_origin(service, request, response)
else:
# No existing service is concerned, and Cornice is not implied.
origin = request.headers.get("Origin")
if origin:
settings = request.registry.settings
allowed_origins = set(aslist(settings["cors_origins"]))
required_origins = {"*", origin}
if allowed_origins.intersection(required_origins):
response.headers["Access-Control-Allow-Origin"] = origin
# Import service here because kinto.core import utils
from kinto.core import Service
if Service.default_cors_headers: # pragma: no branch
headers = ",".join(Service.default_cors_headers)
response.headers["Access-Control-Expose-Headers"] = headers
return response
def reapply_cors(request, response):
"""Reapply cors headers to the new response with regards to the request.
We need to re-apply the CORS checks done by Cornice, in case we're
recreating the response from scratch.
"""
service = current_service(request)
if service:
request.info['cors_checked'] = False
cors.apply_cors_post_request(service, request, response)
response = cors.ensure_origin(service, request, response)
else:
# No existing service is concerned, and Cornice is not implied.
origin = request.headers.get('Origin')
if origin:
settings = request.registry.settings
allowed_origins = set(aslist(settings['cors_origins']))
required_origins = {'*', decode_header(origin)}
if allowed_origins.intersection(required_origins):
origin = encode_header(origin)
response.headers['Access-Control-Allow-Origin'] = origin
# Import service here because cliquet import utils
from cliquet import Service
if Service.default_cors_headers:
headers = ','.join(Service.default_cors_headers)
response.headers['Access-Control-Expose-Headers'] = headers
return response
def _add_cors(request: pyramid.request.Request) -> None:
services = request.registry.cornice_services
if request.matched_route is not None:
pattern = request.matched_route.pattern
service = services.get(pattern, None)
if service is not None:
request.info['cors_checked'] = False
cors.apply_cors_post_request(service, request, request.response)
return
_crude_add_cors(request)
def apply_filters(request, response):
if request.matched_route is not None:
# do some sanity checking on the response using filters
services = request.registry.get('cornice_services', {})
pattern = request.matched_route.pattern
service = services.get(pattern, None)
if service is not None:
kwargs, ob = getattr(request, "cornice_args", ({}, None))
for _filter in kwargs.get('filters', []):
if is_string(_filter) and ob is not None:
_filter = getattr(ob, _filter)
try:
response = _filter(response, request)
except TypeError:
response = _filter(response)
if service.cors_enabled:
apply_cors_post_request(service, request, response)
return response
def apply_filters(request, response):
if request.matched_route is not None:
# do some sanity checking on the response using filters
services = request.registry.cornice_services
pattern = request.matched_route.pattern
service = services.get(pattern, None)
if service is not None:
kwargs, ob = getattr(request, "cornice_args", ({}, None))
for _filter in kwargs.get('filters', []):
if is_string(_filter) and ob is not None:
_filter = getattr(ob, _filter)
try:
response = _filter(response, request)
except TypeError:
response = _filter(response)
if service.cors_enabled:
apply_cors_post_request(service, request, response)
return response
